Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0667

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-0667
Last Modified 07 Mar 2011 09:16:08
Published 06 Aug 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0667

Summary

Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges.

Vulnerable Systems

Operating System

  • Gentoo Linux 1.4

Application

  • Rsbac 1.2.2

  • Rsbac 1.2.3


References

BID - 10640

XF - rsbac-jail-gain-privileges(16552)

CONFIRM - http://www.rsbac.org/download/bugfixes/

BUGTRAQ - 20040702 Announce: RSBAC v1.2.3 released

BUGTRAQ - 20040630 rsbac 1.2.3 jail security problems


Last Updated: 27 May 2016 10:38:42